How To Be Completely Anonymous? : A Thorough Guide

Hide like a hacker

i. Protectionii. Encryptioniii. Anonymityiv. Links

Protection

Basically what I am trying to say in this section is, before you go out hacking other people and other things, just check for a second and make sure it’s not as easy to hack your device. There are some pretty simple steps for this though.

Make sure all your security updates are installed, if you have windows firewall disable it.

Download your own firewall. If you are behind a router you can skip this.

Make sure all unused ports are closed.

Check your msconfig, run a few HJT logs and Malwarebyte’s to make sure you are not already infected.

Use a keyscambler to prevent keyloggers

It is important that you are not infected because other could see you hacking and steal it from you or alternatively, if they get caught, you get caught. On the other hand you might want to stay infected by a bot or RAT so if and when you are caught you can claim you had no knowledge and the bot controlled your PC and performed the hack without your knowledge. However I am not someone who intends to be caught. (I’m not really a black hat either ;))

I don’t personally use an AV for many reasons reasons:
It is possible to make an FUD virus, this is likely to be what you get infected with.
It often goes around deleting your stuff without asking.
They slow down your PC and often hog the CPU.
Whilst performing updates it slows down your connection.

KeyScrambler

HJT

Malewarebytes

Another way to prevent this is to use a Lixux-based O/S as although these aren’t 100% secure they have a lot on Windows machines due to the fact they are less common.

But remember you are not invisible:

If you downloaded and installed the open-source Unreal IRC server in the last 8 months or so, you’ve been pawned.

“Hi all,

This is very embarrassing…

We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (Trojan) in it.

This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn’t allow any users in).”

Encryption

Be under no illusions, this is one of the most important steps to keeping information secret. Now I am a big fan of encryption and here is why:

“If your encryption program uses 128-bit keys, your particular key could be any of more than 3.4 trillion billion billion billion possible combinations. More likely to win the lottery than to crack that level of encryption using the brute-force method”Or just use RSA 4096-bit and 256-bit AES?

Now I think this says a little bit about how much safer encryption makes you, if you encrypt your HDD using 256-bit, there is little chance even the authorities will crack it…. in your lifetime. However do be aware of local law for example in the UK the new Regulation of Investigatory Powers Act states:

Individuals who are believed to have the cryptographic keys necessary for such decryption will face up to 5 years in prison for failing to comply with police or military orders to hand over either the cryptographic keys, or the data in a decrypted form.

The penalties are up to 5 years for terrorism-related information and 2 years for “All other failures to comply”

Therefore depending on the strength of your offence it could be more wise to with-hold your key on claims of a privacy breach, and face the maximum two years than to hand over your keys.

The program I most recomend for doing this is

TrueCrypt

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.

Oh and that’s not even the most useful part:

TrueCrypt allows you to create a hidden operating system whose existence will be impossible to prove (provided that certain guidelines are followed — see below). Thus, you will not have to decrypt or reveal the password for the hidden operating system.

As there is a pre-boot authentication process which asks for your encryption password you can have two, one for people to see and one for hacking purposes. This is IMPOSSIBLE to prove so I highly recommed using it, although I don’t use it myself…

Anonymity

Now, this is THE MOST IMPORTANT section of the whole tutorial, get this part right and you can pretty much forget about the rest (however if you are performing something illegal following the other steps might help you sleep better).

Difference between SOCKS and HTTP

SOCKS

Bill wishes to communicate with Jane over the internet, but a firewall exists on his network between them and Bill is not authorized to communicate through it himself. Therefore, he connects to the SOCKS proxy on his network and sends to it information about the connection he wishes to make to Jane. The SOCKS proxy opens a connection through the firewall and facilitates the communication between Bill and Jane. For more information on the technical specifics of the SOCKS protocol, see the sections below.

HTTP

Bill wishes to download a web page from Jane, who runs a web server. Bill cannot directly connect to Jane’s server, as a firewall has been put in place on his network. In order to communicate with the server, Bill connects to his network’s HTTP proxy. His internet browser communicates with the proxy in exactly the same way it would the target server—it sends a standard HTTP request header. The HTTP proxy reads the request and looks for the Host header. It then connects to the server specified in the header and transmits any data the server replies with back to Bill.

Remember

HTTP proxies are traditionally more HTTP protocol aware and do more high level filtering (even though that usually only applies to GET and POST methods, not CONNECT). SOCKS proxies can also forward UDP traffic and work in reverse – HTTP proxies can’t do that.

Due to the restrictions of a HTTP proxy, they ONLY work for HTTP traffic and do not support UDP and other types of proxy uses. the reason is because they “infer the address of the server and therefore may only be used for HTTP traffic”.

Use both HTTP and SOCKS if possible though this is known as “Proxy Chaining” this is used to make your actions harder to trace but its not truely effective.

REMEBER: Do not use an L3 HTTP proxy as they show your true IP in the header and are therefore essentially pointless.

VPN

This is by far the most effective way to conceal your identity. It channels you traffic and encrpts it with 128-bit. Although some support 256-bit. Often a VPN is much more reliable and does not slow down your connection as much (in fact I haven’t noticed mine at all)

Check These Out!

2 COMMENTS

I blog frequently and I seriously appreciate your information. The article has truly peaked my interest. I’m going to book mark your website and keep checking for new details about once per week. I opted in for your Feed as well.

# This is what they say

Martin

Hello :), I have been following your tutorials and think they are really good. I have basic pentesting skills and know basically how to use Kali, metasploit etc. but have no coding skills which is something I will be working on, but I would like to ask you if you would tutor me, against compensation of course in regards to getting things working, I mean if I’m stuck I could ask you for advice, this way I would learn faster and not waste days on a problem, and you would be able to supplement your income wile you study, I would need maybe 4-6 hours per week. If you find it int. let talk rates and get going :), best regards Martin.

26th January 2018 at 5:47 PM

Eitan

Hello dear, I am very impressed about your tutorials, you doing a great job revealing so many valuable hacking methods. I been playing around long time and yet i couldn’t find a stable RAT which pass runtime in 8 and 10. Please share it with me, i don’t mind pay some coins for coding, we all know quality things costs money. Waiting on your reply, thanks.

18th December 2017 at 2:12 AM

Jacob Mason

Hi, Hope you are doing great I know you are busy, so I will be quick. I came across your blog (hackeroyale.com) and found it quite interesting. I feel my writings could be a source of great interest to your readers. I’m really looking forward to getting my work published on your blog. Thanks for your time and keep the awesome work. Much Regards Jacob Mason